EP216 Ephemeral Clouds, Lasting Security: CIRA, CDR, and the Future of Cloud Investigations

Guest: James Campbell, CEO, Cado Security Chris Doman, CTO, Cado Security Topics: Cloud Detection and Response (CDR) vs Cloud Investigation and Response Automation(CIRA) ... what’s the story here? There is an “R” in CDR, right? Can’t my (modern) SIEM/SOAR do that?  What about this becoming a part of modern SIEM/SOAR in the future? What gets better when you deploy a CIRA (a) and your CIRA in particular (b)? Ephemerality and security, what are the fun overlaps? Does “E” help “S” or hurts it? What about compliance? Ephemeral compliance sounds iffy… Cloud investigations, what is special about them? How does CSPM intersect with this? Is CIRA part of CNAPP?   A secret question, need to listen for it! Resources: EP157 Decoding CDR & CIRA: What Happens When SecOps Meets Cloud EP67 Cyber Defense Matrix and Does Cloud Security Have to DIE to Win? EP158 Ghostbusters for the Cloud: Who You Gonna Call for Cloud Forensics Cloud security incidents (Rami McCarthy) Cado resources  

Om Podcasten

Cloud Security Podcast by Google focuses on security in the cloud, delivering security from the cloud, and all things at the intersection of security and cloud. Of course, we will also cover what we are doing in Google Cloud to help keep our users' data safe and workloads secure. We’re going to do our best to avoid security theater, and cut to the heart of real security questions and issues. Expect us to question threat models and ask if something is done for the data subject’s benefit or just for organizational benefit. We hope you’ll join us if you’re interested in where technology overlaps with process and bumps up against organizational design. We’re hoping to attract listeners who are happy to hear conventional wisdom questioned, and who are curious about what lessons we can and can’t keep as the world moves from on-premises computing to cloud computing.